In prior systems, a reset secure boot provides the most assurance that an “immutable”, fully deterministic instruction sequence will be executed as intended. This immutable process is the root-of-trust from which the system securely establishes the runtime environment. Thus code authentication, integrity measurements, and high value crypto key installation are performed at this “high assurance” time right after reset. But this means the security state of the firmware, keys, etc. must be installed early and powered until the chip is powered off. This can be costly in power consumption, especially in the case where higher performing but power leaky cells are used for high throughput cryptographic accelerators.